package com.zlp.zuul.wrapper;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;

/**
 * 防止xss攻击
 * 
 * 
 * @description:
 * @author: zlp
 * @contact: QQ865391093、微信 zlp865391093
 * @date: 2019年1月3日 下午3:03:17
 * @version V1.0
 *
 */
@Slf4j
public class XssAndSqlHttpServletRequestWrapper extends HttpServletRequestWrapper {

	public XssAndSqlHttpServletRequestWrapper(HttpServletRequest request) {
		super(request);
		log.info("Xss....请求参数验证");

	}

	@Override
	public String getParameter(String name) {
		log.info("Xss....请求参数验证");
		String value = super.getParameter(name);
		if (!StringUtils.isEmpty(value)) {
			value = StringEscapeUtils.escapeJava(value);
		}
		return value;
	}
}